package com.sophos.jbase;

import android.annotation.SuppressLint;
import android.content.Context;
import android.content.Intent;
import android.os.AsyncTask;
import android.util.Base64;
import com.sophos.jbase.FdeRecoveryKey;
import com.sophos.jbase.JBKey;
import com.sophos.smsdkex.communication.rest.KeyRingAuthCommandHandler;
import java.io.IOException;
import java.io.InputStream;
import java.nio.charset.StandardCharsets;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.util.Arrays;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
import org.xml.sax.InputSource;
import org.xml.sax.SAXException;

/* loaded from: classes.dex */
public class b extends AsyncTask<Void, Long, Integer> {

    /* renamed from: a, reason: collision with root package name */
    private InputStream f10128a;

    /* renamed from: b, reason: collision with root package name */
    private a f10129b;

    /* renamed from: c, reason: collision with root package name */
    private PrivateKey f10130c;

    /* renamed from: d, reason: collision with root package name */
    @SuppressLint({"StaticFieldLeak"})
    private Context f10131d;

    /* renamed from: e, reason: collision with root package name */
    private NodeList f10132e = null;

    /* loaded from: classes.dex */
    public interface a {
        void a(EncryptionKey encryptionKey);
    }

    public b(Context context, InputStream inputStream, a aVar, PrivateKey privateKey) {
        this.f10131d = context.getApplicationContext();
        this.f10128a = inputStream;
        this.f10129b = aVar;
        this.f10130c = privateKey;
    }

    private Element b(String str, String str2) {
        for (int i2 = 0; i2 < this.f10132e.getLength(); i2++) {
            Element element = (Element) this.f10132e.item(i2);
            if (element.hasAttribute("type") && element.getAttribute("type").equals("followUpBlock") && element.hasAttribute("kdest") && element.getAttribute("kdest").equals(str2) && str.endsWith(e(element, "NameGID"))) {
                return element;
            }
        }
        return null;
    }

    private int c(String str) {
        if ("ou".equals(str)) {
            return 16384;
        }
        if ("user".equals(str)) {
            return 4096;
        }
        if ("group".equals(str)) {
            return 8192;
        }
        com.sophos.smsec.core.smsectrace.c.i("AsyncParseKeyFile", "unknown key type!");
        return EncryptionKey.CBI_LOCAL_KEY;
    }

    private Element d(Node node, String str) {
        NodeList childNodes = node.getChildNodes();
        if (childNodes.getLength() <= 0) {
            return null;
        }
        for (int i2 = 0; i2 < childNodes.getLength(); i2++) {
            Node item = childNodes.item(i2);
            if (str.equals(item.getNodeName())) {
                return (Element) item;
            }
        }
        return null;
    }

    private String e(Node node, String str) {
        Element d2 = d(node, str);
        return d2 == null ? "" : d2.getTextContent();
    }

    public static Document f(InputStream inputStream) {
        try {
            return DocumentBuilderFactory.newInstance().newDocumentBuilder().parse(new InputSource(inputStream));
        } catch (IOException | ParserConfigurationException | SAXException e2) {
            com.sophos.smsec.core.smsectrace.c.i("Error: ", e2.getMessage());
            return null;
        }
    }

    private int g(Element element) {
        try {
            return Integer.valueOf(e(element, "KAttr"), 16).intValue();
        } catch (Exception e2) {
            com.sophos.smsec.core.smsectrace.c.j("AsyncParseKeyFile", "failed to read key attribute!", e2);
            return 0;
        }
    }

    private EncryptionKey h(byte[] bArr, String str, String str2, int i2) {
        return i(bArr, null, str, str2, i2);
    }

    private EncryptionKey i(byte[] bArr, EncryptionKey encryptionKey, String str, String str2, int i2) {
        byte[] bArr2 = {-51, 34, -1, 119};
        for (byte b2 = 0; b2 < 4; b2 = (byte) (b2 + 1)) {
            if (bArr2[b2] != bArr[b2]) {
                com.sophos.smsec.core.smsectrace.c.i("AsyncParseKeyFile", "invalid key header");
                return null;
            }
        }
        if (bArr[4] != 1 || bArr[5] != 0 || bArr[6] != 0 || bArr[7] != 0) {
            com.sophos.smsec.core.smsectrace.c.i("AsyncParseKeyFile", "invalid key header");
            return null;
        }
        if (bArr[8] != 1 || bArr[9] != 0 || bArr[10] != 2 || bArr[11] != 0) {
            com.sophos.smsec.core.smsectrace.c.i("AsyncParseKeyFile", "invalid key header");
            return null;
        }
        if (bArr[12] != 0 || bArr[13] != 1 || bArr[14] != 0 || bArr[15] != 0) {
            com.sophos.smsec.core.smsectrace.c.i("AsyncParseKeyFile", "invalid key header");
            return null;
        }
        if (bArr[16] != Byte.MIN_VALUE || bArr[17] != 0 || bArr[18] != 0 || bArr[19] != 0) {
            com.sophos.smsec.core.smsectrace.c.i("AsyncParseKeyFile", "invalid key header");
            return null;
        }
        int i3 = 24;
        if (!(bArr[20] == 0 && bArr[21] == 0 && bArr[22] == 0 && bArr[23] == 0) && (i3 = 24 + (((((bArr[23] * 256) + bArr[22]) * 256) + bArr[21]) * 256) + bArr[20]) >= bArr.length) {
            com.sophos.smsec.core.smsectrace.c.i("AsyncParseKeyFile", "invalid key header");
            return null;
        }
        byte[] copyOfRange = Arrays.copyOfRange(bArr, i3, bArr.length);
        if (encryptionKey != null) {
            if (copyOfRange.length < 40) {
                com.sophos.smsec.core.smsectrace.c.i("AsyncParseKeyFile", "invalid key header");
                return null;
            }
            try {
                copyOfRange = c.c(encryptionKey.getJBKey(), copyOfRange);
            } catch (JBException e2) {
                com.sophos.smsec.core.smsectrace.c.j("AsyncParseKeyFile", "invalid key header", e2);
                copyOfRange = null;
            }
        } else if (copyOfRange.length < 32) {
            com.sophos.smsec.core.smsectrace.c.i("AsyncParseKeyFile", "invalid key header");
            return null;
        }
        if (copyOfRange == null) {
            return null;
        }
        return new EncryptionKey(str, str2, new JBKey(copyOfRange, JBKey.JBCryptAlgorithm.JBAES, JBKey.JBKeySize.JBKeySize256), i2);
    }

    private void j(Element element, EncryptionKey encryptionKey) {
        String str;
        if (element == null) {
            com.sophos.smsec.core.smsectrace.c.i("AsyncParseKeyFile", "invalid Element parameter.");
            return;
        }
        Element d2 = d(element, "FDEKeys");
        if (d2 != null) {
            NodeList childNodes = d2.getChildNodes();
            if (childNodes.getLength() > 0) {
                for (int i2 = 0; i2 < childNodes.getLength(); i2++) {
                    Element element2 = (Element) childNodes.item(i2);
                    String e2 = e(element2, "MachineName");
                    String e3 = e(element2, "Drive");
                    FdeRecoveryKey.DriveType driveType = FdeRecoveryKey.DriveType.DATA;
                    if (e(element2, "DriveType").equalsIgnoreCase(FdeRecoveryKey.DriveType.BOOT.getTypeString())) {
                        driveType = FdeRecoveryKey.DriveType.BOOT;
                    }
                    FdeRecoveryKey.DriveType driveType2 = driveType;
                    FdeRecoveryKey.ProtectionType protectionType = FdeRecoveryKey.ProtectionType.FILEVAULT;
                    if (e(element2, "ProtectionType").equalsIgnoreCase(FdeRecoveryKey.ProtectionType.BITLOCKER.getTypeString())) {
                        protectionType = FdeRecoveryKey.ProtectionType.BITLOCKER;
                    }
                    FdeRecoveryKey.ProtectionType protectionType2 = protectionType;
                    byte[] decode = Base64.decode(e(element2, "Value"), 3);
                    if (encryptionKey != null) {
                        try {
                            str = new String(c.a(decode, 0, decode.length, encryptionKey.getJBKey(), null), StandardCharsets.UTF_8);
                        } catch (JBException e4) {
                            com.sophos.smsec.core.smsectrace.c.j("AsyncParseKeyFile", "error decrypting key.", e4);
                            str = null;
                        }
                        i.O(new FdeRecoveryKey(e2, e3, driveType2, protectionType2, str, e(element2, "DateKeyStored"), e(element2, "KeyGuid"), e(element2, "RecoveryId")));
                    }
                }
            }
        }
    }

    private void k(Element element, EncryptionKey encryptionKey, int i2, boolean z) {
        if (element == null) {
            com.sophos.smsec.core.smsectrace.c.i("AsyncParseKeyFile", "invalid Element parameter.");
            return;
        }
        Element d2 = d(element, "Keks");
        if (d2 != null) {
            NodeList childNodes = d2.getChildNodes();
            if (childNodes.getLength() > 0) {
                for (int i3 = 0; i3 < childNodes.getLength(); i3++) {
                    Element element2 = (Element) childNodes.item(i3);
                    EncryptionKey i4 = i(Base64.decode(e(element2, "BValue"), 3), encryptionKey, e(element2, "SName"), e(element2, "Guid"), g(element2) | i2 | 1048576);
                    if (i4 == null) {
                        com.sophos.smsec.core.smsectrace.c.i("AsyncParseKeyFile", "error decrypting key.");
                    } else {
                        this.f10129b.a(i4);
                    }
                }
            }
        }
        if (z) {
            String e2 = e(element, "ParentNameGID");
            if (e2.equals(e(element, "NameGID"))) {
                com.sophos.smsec.core.smsectrace.c.v("AsyncParseKeyFile", "reached root at " + e2);
                return;
            }
            String e3 = e(element, "ParentSEK");
            String e4 = e(element, "ParentType");
            EncryptionKey i5 = i(Base64.decode(e3, 3), encryptionKey, e(element, "ParentName"), e(element, "ParentNameGID"), c(e4) | 1048576);
            if (i5 == null) {
                com.sophos.smsec.core.smsectrace.c.i("AsyncParseKeyFile", "error decrypting key.");
            } else {
                k(b(e2, e4), i5, c(e4), true);
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // android.os.AsyncTask
    /* renamed from: a, reason: merged with bridge method [inline-methods] */
    public Integer doInBackground(Void... voidArr) {
        EncryptionKey encryptionKey;
        int i2;
        Document f2 = f(this.f10128a);
        int i3 = 0;
        if (f2 != null) {
            NodeList elementsByTagName = f2.getElementsByTagName("Block");
            this.f10132e = elementsByTagName;
            if (elementsByTagName.getLength() >= 0) {
                i.d(true);
                i.c();
            }
            int i4 = 0;
            while (true) {
                if (i4 >= this.f10132e.getLength()) {
                    break;
                }
                Element element = (Element) this.f10132e.item(i4);
                if (element.hasAttribute("type") && element.getAttribute("type").equals("startBlock")) {
                    Element d2 = d(element, "SEK");
                    if (d2 != null) {
                        String e2 = e(d2, "BValue");
                        int i5 = 3;
                        try {
                            Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1PADDING");
                            cipher.init(2, this.f10130c);
                            encryptionKey = h(cipher.doFinal(Base64.decode(e2, 3)), e(element, "Name"), e(element, "NameGID"), 5246976);
                        } catch (InvalidKeyException | NoSuchAlgorithmException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException e3) {
                            com.sophos.smsec.core.smsectrace.c.T("AsyncParseKeyFile", "", e3);
                            encryptionKey = null;
                        }
                        if (encryptionKey == null) {
                            return 12;
                        }
                        k(element, encryptionKey, 131072, true);
                        j(element, encryptionKey);
                        Element d3 = d(element, "Groups");
                        if (d3 != null) {
                            NodeList childNodes = d3.getChildNodes();
                            int i6 = 0;
                            while (i6 < childNodes.getLength()) {
                                Element element2 = (Element) childNodes.item(i6);
                                if ("G".equals(element2.getNodeName())) {
                                    i2 = i6;
                                    EncryptionKey i7 = i(Base64.decode(e(element2, "SEK"), i5), encryptionKey, e(element2, "Name"), e(element2, "NameGID"), 1056768);
                                    if (i7 == null) {
                                        return 12;
                                    }
                                    k(b(e(element2, "NameGID"), "group"), i7, 8192, false);
                                } else {
                                    i2 = i6;
                                }
                                i6 = i2 + 1;
                                i5 = 3;
                            }
                        }
                    }
                    a aVar = this.f10129b;
                    if (aVar != null) {
                        aVar.a(null);
                    }
                } else {
                    i4++;
                }
            }
        } else {
            i3 = -1;
        }
        return Integer.valueOf(i3);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // android.os.AsyncTask
    /* renamed from: l, reason: merged with bridge method [inline-methods] */
    public void onPostExecute(Integer num) {
        Intent putExtra = new Intent("com.sophos.smenc.keysync.done").putExtra(KeyRingAuthCommandHandler.EXTRA_AUTH_LAST_STATUS, num);
        if (this.f10131d.getPackageManager().queryBroadcastReceivers(putExtra, 0).isEmpty()) {
            com.sophos.smsec.core.smsectrace.c.R("seems that no one listens to key sync finished.");
        }
        this.f10131d.sendBroadcast(putExtra, "com.sophos.smenc.permission.KEYSYNC");
    }
}
